﻿using System;
using System.Web;
using System.Web.Security;
using Guru.Web.UI;
using HSM.Entities;
using System.Data;
using Guru.Utilities.Cryptography;

[PageTextResource("Login")]
public partial class Login : HSMPage
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }


    private void SaveAutheticatedData(string userName)
    {
        FormsAuthenticationTicket ticket;
        ticket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddHours(12), false, "");
        string ticketContent = FormsAuthentication.Encrypt(ticket);
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketContent);
        cookie.Path = FormsAuthentication.FormsCookiePath;
        cookie.HttpOnly = true;
        cookie.Secure = FormsAuthentication.RequireSSL;
        Response.Cookies.Add(cookie);
    }

    protected void uxLogin_Click(object sender, EventArgs e)
    {
        string userName = uxUserName.Text.Trim();
        string passWord = uxPassword.Text.Trim();
        UserLogin user = HSMCommon.HSMBusiness.GetUserDetail(HSMSessionManager.CurrentClientID, HSMSessionManager.CurrentHotelID, userName);
        if (user == null)
        {
            DoInvalidLogin();
            return;
        }
        byte lastUserStatus = user.Status;
        int result = HSMCommon.HSMBusiness.ValidateLogin(user.ClientID, user.HotelID, userName, CryptoServices.Current.MD5(passWord), Request.UserHostAddress);
        result = result >> 24;
        switch (result)
        {
            case 1://login successfully
            case 2://nearly expired
            case 4://user password expired
            case 10://force reset password
                {
                    HSMSessionManager.CurrentUser = user;
                    DataTable roles = HSMCommon.HSMBusiness.GetUserRoles(HSMSessionManager.CurrentUser.UserID);
                    if (roles.Rows.Count <= 0)
                    {
                        DoInvalidLogin();
                        return;
                    }

                    DataTable pers = HSMCommon.HSMBusiness.GetUserPermissions(HSMSessionManager.CurrentUser.UserID);
                    HSMSessionManager.CurrentUserPermissions = new string[pers.Rows.Count];
                    for (int i = 0; i < pers.Rows.Count; i++)
                    {
                        HSMSessionManager.CurrentUserPermissions[i] = pers.Rows[i]["PermissionCode"].ToString();
                    }
                    HSMSessionManager.CurrentMenus = HSMCommon.HSMBusiness.GetUserMenus(HSMSessionManager.CurrentUser.UserID);
                    SaveAutheticatedData(HSMSessionManager.CurrentUser.UserID.ToString());
                }
                break;

            default:
                {
                    DoInvalidLogin();
                }
                return;
        }

        HSMSessionManager.CurrentUser = user;

        SaveAutheticatedData(userName);
        Response.Redirect("FE/FrontDesk.aspx");
    }

    void DoInvalidLogin()
    {
        uxMsg.Text = "Invalid user name or password.";
    }
}
